VPN Server implemented in pure Python.(For Research Purposes Only)
All VPN softwares are stupid, clumsy and hard to configure. So comesPython -vpn.
- NO app install needed
- NO server configuration file
- NO network interface added
- NO iptables or "/etc" modified
Press "RETURN" to start, "CTRL+C" to stop.
$ pip3 install pvpn
Successfully installed pvpn-0.2.1
$ pvpn -p yourpassword
Serving on UDP:500:4500...
^C
$ pvpn -wg 9000
Serving on UDP:500:4500...
Serving on UDP:9000 (WIREGUARD)...
^C
Open server's UDP port:500:4500 to your device. In device's system setting, add an "IPSec" (iOS) or "IPSec IKE PSK" (Android) node, write down the server address and password "yourpassword". Connect.
If you prefer wireguard VPN, specify "-wg (port)" parameter and open server's (port) UDP port to your device. Paste the printed server public key to wireguard client settings, write down the server address:port. Connect.
You should modify the default password "test" with a good one. See "pvpn -h" for more options.
- Clean, lightweight
- IKEv1, IKEv2, L2TP auto-detection
- WireGuard
- TCP stack
- TCP/UDP tunnel
- DNS cache
Protocol Name | Name in iOS | Name in Android | Name in MacOS | Name in Windows |
---|---|---|---|---|
L2TP PSK ✔ | L2TP | "L2TP/IPSec PSK" | L2TP/IPSec | L2TP |
IKEv1 PSK ✔ | IPsec[1] | "IPSec Xauth PSK" | Cisco IPSec | IPSec |
IKEv2 PSK ✔ | IKEv2[2] | "IPSec IKEv2 PSK" | IKEv2 | IKEv2 |
WireGuard ✔ | WireGuard App[3] |
TCP Tunnel
If the remote host match in file "rules.country", tunnel through http proxy. $ pvpn -r http://remote_server:port?rules.country
UDP Tunnel
Redirect all DNS requests to 8.8.8.8. $ pvpn -ur tunnel://8.8.8.8:53?{53}
IPSec/ESP
- RFC2406IP Encapsulating Security Payload (ESP)
- RFC3947Negotiation of NAT-Traversal in the IKE
- RFC3948UDP Encapsulation of IPsec ESP Packets
IKE/ISAKMP
- RFC2407The Internet IP Security Domain of Interpretation for ISAKMP
- RFC2408Internet Security Association and Key Management Protocol (ISAKMP)
- RFC2409The Internet Key Exchange (IKE)
- IANA_01Internet Key Exchange (IKE) Attributes
- IANA_02"Magic Numbers" for ISAKMP Protocol
- DRAFT_1The ISAKMP Configuration Method
- DRAFT_2Extended Authentication within IKE (XAUTH)
IKEv2
- RFC7296Internet Key Exchange Protocol Version 2 (IKEv2)
- IANA_03Internet Key Exchange Version 2 (IKEv2) Parameters
- RFC3748Extensible Authentication Protocol (EAP)
- RFC5106The Extensible Authentication Protocol-Internet Key Exchange Protocol version 2 (EAP-IKEv2) Method
Diffie Hellman
- RFC3526More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
- RFC5903Elliptic Curve Groups modulo a Prime (ECP Groups) for IKE and IKEv2
- RFC5114Additional Diffie-Hellman Groups for Use with IETF Standards
L2TP
- RFC2661Layer Two Tunneling Protocol "L2TP"
- RFC3193Securing L2TP using IPsec
- RFC1549PPP in HDLC Framing
- RFC1661The Point-to-Point Protocol (PPP)
- RFC1332The PPP Internet Protocol Control Protocol (IPCP)
WireGuard